2 matches found
Cross Site Scripting(XSS)
spip:sid is vulnerable to cross site scripting. The vulnerability due to upload a file with name which related to javascript/bigup.js and javascript/bigup.utils.js. It leads to allows an attacker upload a malicious file...
Cross Site Scripting(XSS)
spip:sid is vulnerable to Cross Site ScriptingXSS. This vulnerability due to input fromrequest is not restricted to safe characters. It allow an attacker to change files in ecrire/public/assembler.php...